Ahmed Masud, Developer in Potomac, MD, United States
Ahmed is available for hire
Hire Ahmed

Ahmed Masud

Verified Expert  in Engineering

Software Developer

Location
Potomac, MD, United States
Toptal Member Since
December 19, 2022

Ahmed is a senior systems architect with 33 years of experience in software engineering, applied computer science, and theoretical computer science, including algorithm design. He has been a number theory researcher, systems architect, technology team lead, and CTO. Ahmed's expertise ranges from designing software and software products from the ground up and taking them to market.

Linux KernelLinux IPCLinux Kernel ProgrammingFront-endFirewallsARMBack-endCTOMachine LearningNatural Language Processing (NLP)LinuxCC++Python 3Unix

Portfolio

Hawaii Permanente Medical Group
IBM WebSphere, Squid Proxy Server, JavaScript, Proxies, HTTP/1.1, HTTP...
Trustifier Inc.
C, Linux Kernel, SELinux, Linux IPC, Linux System Calls...
Trustifier Inc.
C++, C, Linux Kernel, Full-stack Development, Front-end, APIs...

Experience

C - 20 yearsC++ - 20 yearsPython 3 - 20 yearsFile Systems - 20 yearsLinux Kernel Programming - 20 yearsMachine Learning - 15 yearsWindows Kernel Drivers - 10 yearsRust - 5 years

Availability

Part-time

Preferred Environment

Linux, Visual Studio Code (VS Code), Rust, Unix, C++, Assembler x86, Artificial Intelligence (AI), Machine Learning, C, MySQL, Docker, NumPy, Azure DevOps, Azure, DevOps, Visual FoxPro, Visual FoxPro 9, Visual Basic, Flutter, Roadmaps, Assembly

The most amazing...

...thing I've developed is a cyber security system that protects the Harry Potter saga's books: "Order of the Phoenix,” “Half-Blood Prince,” and “Deathly Hallows.”

Work Experience

Design Engineer and Technical Project Lead

2016 - 2016
Hawaii Permanente Medical Group
  • Developed a strategy to secure web applications during technology transformation.
  • Created a Health Insurance Portability and Accountability Act (HIPAA)-compliant cybersecurity strategy for PHI data post-application deployment.
  • Oversaw that over 5,100 internal web-services would be able to certify for PHI safety and HIPAA compliance.
Technologies: IBM WebSphere, Squid Proxy Server, JavaScript, Proxies, HTTP/1.1, HTTP, Web Application Firewall (WAF), Full-stack Development, Front-end, APIs, Unix, Vim Text Editor, z/OS, IPv4, Department of Defense, Back-end, Docker, Kubernetes, DevOps, Architecture, Python 3, Storage Area Networks (SAN), Software Architecture, Roadmaps

Distinguished Researcher and Chief Technology Officer

2005 - 2015
Trustifier Inc.
  • Designed and developed Trustifier KSE, the world's first commercial-off-the-shelf (COTS)-distributed security reference monitor for Linux and Windows kernels. It was used by financial institutes and aerospace and defense sector clients worldwide.
  • Designed and developed Trustifier Fahrenheit, a zero-trust web application firewall.
  • Managed a professional organization of 35 software engineers and marketing and sales professionals that provided cyber security technology products to the defense sector in North American, European, and Australasian nations.
Technologies: C, Linux Kernel, SELinux, Linux IPC, Linux System Calls, Linux Kernel Programming, PyTorch, Full-stack Development, Front-end, APIs, GPT, Natural Language Processing (NLP), Generative Pre-trained Transformers (GPT), SQL, Hardware, Bluetooth, Unix, Vim Text Editor, IPv4, Department of Defense, Back-end, Ruby on Rails (RoR), Job Schedulers, Data Science, Mobile Apps, Python, MySQL, Docker, NumPy, Kubernetes, Pandas, OOO, DevOps, Architecture, File Systems, Storage Area Networks (SAN), CTO, JavaScript, Software Architecture, Roadmaps

Lead Software Engineer and System Architect

2002 - 2015
Trustifier Inc.
  • Designed and developed Trustifier, a defense-grade security system for commercial use, which protects information systems from the insider-threat.
  • Built the company from $1 to $150 million valuation. Created revenue from $0 to $5 million monthly recurring revenue (MRR).
  • Managed this system that is being used to protect sensitive data around the globe, from intellectual property in a company to financial data in a government department. Trustifier boasts the protection of Harry Potter® manuscripts.
Technologies: C++, C, Linux Kernel, Full-stack Development, Front-end, APIs, GPT, Generative Pre-trained Transformers (GPT), Natural Language Processing (NLP), SQL, Hardware, Unix, Vim Text Editor, IPv4, Department of Defense, Back-end, Ruby on Rails (RoR), Reverse Engineering, Mobile Apps, MySQL, Docker, DevOps, Architecture, Python 3, File Systems, Storage Area Networks (SAN), CTO, JavaScript, Software Architecture, Roadmaps, Java

Cybersecurity Consulting

2014 - 2014
F50 Corporation
  • Provided multi-tier consulting to the C-Suite in a $100 million post-cyber-incident activity.
  • Guided, advised, and supported the board of directors and C-level management on cyber security incident impact control, including public relations, customer relationship management, employee relationship management, and technology impact control.
  • Developed a robust cyber-security post-incidence response program across the enterprise.
  • Liaised between the cyber-audit team and C-level stakeholders. Educated and oversaw support for the board of directors.
  • Saved the organization several million dollars by guiding cyber insurance.
Technologies: Cisco, Firewalls, IP Networks, F5 Networks, IBM Mainframe, Dell EMC, IBM Storage, Global Banking, Online Banking, Risk Models, Risk, Public Policy, Public Relations (PR), Technology, Unix, Vim Text Editor, z/OS, IPv4, Back-end, Mobile Apps, Python, MySQL, Kubernetes, DevOps, Architecture, Python 3, JavaScript

Device Security Lead

2012 - 2013
Mobile Devices Manufacturer
  • Provided engineering and compliance consulting to the engineering teams on building secure mobile devices to the specifications accepted by the USDoD.
  • Developed a fully compliant semi-formal specification that withstood DIACAP MAC-1 compliance for hardware.
  • Developed one of the fastest D2M ATO processes in a multi-tenancy mobile appliance.
Technologies: DIACAP, FIPS 140-2, Common Criteria Certified, Common Criteria, Kernel, Mobile GPS, GPSS, GPS, Radio Frequency (RF) Protocol, Radio, ARM, APIs, Reverse Engineering, Department of Defense, Unix, Microsoft Assembly x86 (MASM), Vim Text Editor, IPv4, Back-end, Nordic nRF52, Mobile Apps, MySQL, OOO, DevOps, Architecture, Python 3, Storage Area Networks (SAN), JavaScript, Roadmaps

Project Manager and Lead Software Engineer

2001 - 2002
Natural Resources Canada
  • Deployed SnapLinux in a data-warehousing configuration to collect, coordinate, and record large quantities of real-time GPS correction data.
  • Improved the system to be graded to back up over 1.2 billion GPS corrections per hour in real time.
  • Oversaw design, development, and production of the entire system.
Technologies: Linux, C++, HP-UX, C, Front-end, APIs, SQL, Electronic Sensors, Hardware, Unix, Vim Text Editor, z/OS, IPv4, Back-end, MySQL, OOO, DevOps, Architecture, Python 3, Roadmaps, IBM Basic Assembly Language

Software Design Engineer and Technical Project Lead

1999 - 2000
National Research Council Canada
  • Designed, developed, implemented, deployed, and supported an extensive document generation system with underlying event management architecture.
  • Created and oversaw the implementation of the entire system, including the protocol to control, guide, and coordinate the activities of over one hundred personnel.
  • Increased the efficiency by decreasing processing time from two hours to a four-second response time with the new environment working over three hundred different task-specific workstations and twelve real-time servers.
  • Increased revenue from a loss of $25,000 per week to a net profit of $150,000 per week.
Technologies: Perl, C++, C, Oracle, Oracle 11i, z/OS, Solaris, HP-UX, Windows Server 2000, Microsoft Visual C++, Assembler, Device Drivers, Printer Drivers, OCR, Barcode Library, Full-stack Development, Front-end, APIs, SQL, Hardware, Unix, Microsoft Assembly x86 (MASM), Vim Text Editor, IPv4, Back-end, Job Schedulers, Exports, MySQL, OOO, DevOps, Architecture, Roadmaps

Software Design Engineer and Technical Project Lead

1998 - 1998
Nortel Corporation, Canada
  • Redesigned a complex CAD document transformation system from 500,000 to 10,000 lines of code.
  • Saved the customer over $1 million per month in processing CAD information and reduced compute costs by a factor of 30.
  • Redesigned and re-engineered legacy mainframe code in record time and guided the entire team to deliver the project one month before the deadline, saving the customer an additional $8 million in potential penalties.
Technologies: VRML, Perl, Bash, C++, C, GNU Make, GNU Guile, APIs, Hardware, Unix, Vim Text Editor, Multicast, IPv4, Back-end, Exports, OOO, DevOps, Architecture, Roadmaps

Design Engineer and Technical Project Lead

1996 - 1996
Natural Resources Canada
  • Developed a custom protocol gateway from X.25 over to IP over frame-relay.
  • Oversaw design, development, testing, and production of a large real-time network upgrade.
  • Managed to deliver the best ROI in the history of Canadian public sector projects with a 1,000x return over 15 years.
Technologies: HP-UX, Solaris, Linux, Multicast, IPv4, X.25, C, APIs, SQL, Hardware, Motor Control, Unix, Vim Text Editor, Back-end, Exports, OOO, DevOps, Architecture, Roadmaps

Project Manager and Lead Software Engineer

1994 - 1995
Natural Resources Canada
  • Implemented the first generation of secure data delivery interfaces in MaxTran ELSI/BDL for GPS data correction information.
  • Established standards for and deployed Canada's first Linux-based environments for the first time in Canadian Federal Government.
  • Deployed the then-largest, real-time data collection and redistribution network with under 1-minute latency from the arctic circle down to the Gulf of Mexico.
Technologies: C, HP-UX, Linux, Flex, Yacc, Bison, Assembler, PA-RISC, Full-stack Development, APIs, SQL, Hardware, Motor Control, Vim Text Editor, IPv4, Back-end, Exports, OOO, Roadmaps

Resiliate

It delivers near-instantaneous rectification of disastrous impact, including recovery from data destruction like evil admin or complete data corruption, such as ransomware.

Simplified security operations by providing data-centric CRUD authorization, context-sensitive integrity and confidentiality, as well as resilient data availability, all in one unified solution. It bridges the gap between legacy and modern computing by providing a path for legacy systems to transparently interconnect with any cloud-backed storage and support S3 and Azure blob API.

Resiliate provides deep forensics and audit trails for everything that touches the data. It provides software-defined, zero-trust security enclaves for critical systems and complex security policy requirements and enables controls from standards such as NIST 800-53R5. For example, Resiliate allows customers to comply with CMMC 1.0 up to IL5.

RYU by Trustifier

A drop-in commercial off-the-shelf solution for protecting against web application attacks. RYU is a multi-layer plugin that utilizes a Trustifier kernel protector. I developed methodologies on each of the sub-layers of the web application stack.

Trustifier Kernel Security Enforcer (KSE) | Advanced Security System for Linux

A comprehensive audit and control trust agent for the Linux operating environment. Its features include mandatory access control, system-call access for all system calls, domain-level security, hierarchical and non-hierarchical access management, MLS, detached auditing, and detached credentials management.

SnapLinux Secure Linux Distribution

SnapLinux is a customizable version of the Linux operating environment designed for CNSSI 4009 compliant system-high environments with built-in data diodes, a highly configurable multi-function, n-way S/VPN capable, masquerading router, and a firewall.

Architecture for Real-time Devices

A portable wireless device that is the primary communications device that allows up to 10,000 entities to be present in a single field of activity and intercommunicate and coordinate the entities on a battlefield.

I acted as the lead engineer for this project.

Languages

C, Rust, C++, Python 3, Embedded C, Assembler x86, Assembler, Bash, GNU Guile, JavaScript, Python, SQL, Visual FoxPro, Visual FoxPro 9, Visual Basic, Dart, Assembly, Microsoft Assembly x86 (MASM), Perl, GPSS, IBM Basic Assembly Language, Java, VRML

Frameworks

Flex, Flutter, Ruby on Rails (RoR)

Libraries/APIs

PyTorch, NumPy, Pandas, Sidekiq

Tools

Vim Text Editor, Fuse, GNU Make, Microsoft Visual C++, Dell EMC, Squid Proxy Server

Paradigms

Data Science, OOO, Azure DevOps, DevOps, Radio Frequency (RF) Protocol, Software-defined Networking (SDN)

Platforms

Linux, Solaris, Unix, HP-UX, Embedded Linux, Kernel, Docker, Kubernetes, Azure, Visual Studio Code (VS Code), Oracle, OpenShift, z/OS, IBM WebSphere

Storage

Windows File Systems, Ceph, Storage Area Networks (SAN), MySQL, Oracle 11i

Other

Linux Kernel, SELinux, Linux IPC, Linux System Calls, Linux Kernel Programming, Machine Learning, File Systems, C# Operators, Windows Kernel Drivers, Btrfs, Stochastic Modeling, Stochastic Differential Equations, Language Models, Yacc, Bison, PA-RISC, IPv4, Ethics, Windows Server 2000, Device Drivers, Web Application Firewall (WAF), Full-stack Development, Front-end, APIs, Natural Language Processing (NLP), Hardware, Firewalls, IP Networks, F5 Networks, Risk Models, Risk, Public Policy, Public Relations (PR), Technology, DIACAP, FIPS 140-2, Common Criteria, Mobile GPS, GPS, ARM, Reverse Engineering, Department of Defense, Back-end, Job Schedulers, Exports, Mobile Apps, Architecture, CTO, Software Architecture, Roadmaps, GPT, Generative Pre-trained Transformers (GPT), ZFS, Network Data Storage, Multicast, Printer Drivers, Electronic Sensors, Motor Control, Cisco, IBM Mainframe, IBM Storage, Global Banking, Online Banking, Radio, X.25, Engineering, OCR, Barcode Library, Proxies, HTTP/1.1, Bluetooth, Common Criteria Certified, Nordic nRF52, IoC, System-on-a-Chip (SoC), Artificial Intelligence (AI), HTTP